concourse-op: stop using id-token as auth-token

it appears we were pulling the id-token from the JWT token response and using it as the bearer token for the client. I'm not sure why we were doing this, but it appears to have been introduced shortly after the concourse authentication changes in v6.2. I suspect whatever the original problem was has not been fixed, and so we ended up using the wrong token after the upgrade to 6.6. using the standard AuthToken response resolves our current issues with the password authenticate for the operator not working against v6.6 this change likely makes the operator no-longer compatible with versions prior to 6.6
alphagov · Oct 14, 2020 · 9a00e98 · 9a00e98
1 parent 273622f
commit 9a00e98
Showing 1 changed file with 1 addition and 5 deletions.
diff --git a/components/concourse-operator/pkg/controller/client.go b/components/concourse-operator/pkg/controller/client.go
@@ -50,14 +50,10 @@ func newClient(cfg ConcourseClientConfig) (concourse.Client, error) {
 	if err != nil {
 		return nil, fmt.Errorf("resource: couldn't obtain auth token: %s", err)
 	}
-	idToken, ok := token.Extra("id_token").(string)
-	if !ok {
-		return nil, fmt.Errorf("failed to find id_token extra in oauth2 token")
-	}
 	// create a concourse client
 	client := concourse.NewClient(cfg.ATCAddr, &http.Client{
 		Transport: ConcourseAuthTransport{
-			AccessToken:     idToken,
+			AccessToken:     token.AccessToken,
 			TokenType:       token.TokenType,
 			TLSClientConfig: &tls.Config{InsecureSkipVerify: cfg.InsecureSkipVerify},
 		},